| Specification and development of interactive systems: FOCUS on streams, interfaces, and refinement M Broy, K St©ªlen Springer, 2001 | 822* | 2001 |
| Model-driven risk analysis: The CORAS approach MS Lund, B Solhaug, K St©ªlen Springer, 2011 | 629 | 2011 |
| Model-based security analysis in seven steps—A guided tour to the CORAS method F den Braber, I Hogganvik, MS Lund, K St©ªlen, F Vraalsen BT Technology Journal 25 (1), 101-117, 2007 | 297 | 2007 |
| STAIRS towards formal design with sequence diagrams ¨ª Haugen, KE Husa, RK Runde, K St©ªlen Software & Systems Modeling 4, 355-357, 2005 | 193 | 2005 |
| Cyber-risk management A Refsdal, B Solhaug, K St©ªlen Cyber-Risk Management, 2015 | 169 | 2015 |
| Model-based risk assessment to improve enterprise security JO Aagedal, F den Braber, T Dimitrakos, BA Gran, D Raptis, K St©ªlen EDOC'02, 51-62, 2002 | 166 | 2002 |
| The requirement and design specification language Spectrum -- An informal introduction M Broy, C Facchi, R Grosu, R Hettler, H Hussmann, D Nazareth, ... Technical Reports TUM-I9311 and TUM-I9312, 1993 | 156* | 1993 |
| The CORAS methodology: model-based risk assessment using UML and UP F den Braber, T Dimitrakos, BA Gran, MS Lund, K St©ªlen, J¨ª Aagedal UML and the Unified Process, 332-357, 2003 | 141* | 2003 |
| The CORAS framework for a model-based risk management process R Fredriksen, M Kristiansen, BA Gran, K St©ªlen, TA Opperud, T Dimitrakos Safecomp'02, 94-105, 2002 | 135 | 2002 |
| Why trust is not proportional to risk B Solhaug, D Elgesem, K St©ªlen ARES'07, 11-18, 2007 | 86 | 2007 |
| Development of parallel programs on shared data-structures K St©ªlen University of Manchester, 1990 | 85 | 1990 |
| A graphical approach to risk identification, motivated by empirical investigations I Hogganvik, K St©ªlen MODELS'06, 574-588, 2006 | 84 | 2006 |
| Model-based risk assessment-the coras approach K St©ªlen, F den Braber, T Dimitrakos, R Fredriksen, BA Gran, SH Houmb, ... NIK'02, 239-249, 2002 | 81 | 2002 |
| Towards a UML profile for model-based risk assessment SH Houmb, F den Braber, MS Lund, K St©ªlen CSDUML'02, 79-91, 2002 | 81 | 2002 |
| STAIRS–Steps to analyze interactions with refinement semantics ¨ª Haugen, K St©ªlen UML'03, 388-402, 2003 | 80 | 2003 |
| Why timed sequence diagrams require three-event semantics ¨ª Haugen, KE Husa, RK Runde, K St©ªlen Dagstuhl seminar on Scenarios: Models, Transformations and Tools, 1-25, 2005 | 68 | 2005 |
| Model-based security risk analysis for Web applications: The CORAS approach T Dimitrakos, B Ritchie, D Raptis, K St©ªlen Euroweb'02, 43-55, 2002 | 68 | 2002 |
| A method for the development of totally correct shared-state parallel programs K St©ªlen CONCUR91, 510-525, 1991 | 67 | 1991 |
| Evolution in relation to risk and trust management MS Lund, B Solhaug, K St©ªlen Computer 43 (05), 49-55, 2010 | 63 | 2010 |
| Risk analysis of changing and evolving systems using CORAS MS Lund, B Solhaug, K St©ªlen FOSAD'11, 231-274, 2011 | 57 | 2011 |
